SlideShare a Scribd company logo

Phi 235 social media security users guide presentation

Download as PPTX, PDF
Alan Holyoke
Alan Holyoke

The document provides an overview of various cyber security solutions and concepts. It discusses 13 sections related to cyber security including access control solutions, vulnerability analysis, gap analysis, penetration testing, web application security, log analysis, network traffic analysis, information security policy design, and security products identification. Each section provides 1-3 paragraphs explaining the topic and key considerations.

1 of 40
Downloaded 19 times
SOCIAL MEDIA SECURITY USERS GUIDE CYBER SECURITY SOLUTIONS ALAN HOLYOKE PHI 235
Phi 235 social media security users guide presentation
WEBSITES SECURITY As you can see by the diagram to the left, there are numerous browsers and websites that you and I utilize on a daily basis, an ever growing reality that keeps us โ€œconnectedโ€ to everyone and everything that we may want to be connected to. In regards to Cyber Security Solutions, this guide will explain the thirteen different sections covering everything from Access Control to Gap Analysis to Information Security Policy and everything in between. Well, letโ€™s take a journey, shall weโ€ฆ.
Access control solutions Access control solutions allow companies to determine who can go where and when. An audit trail shows the details of who passed through your access control entry and exit devices. Events recorded to a head end computer may be linked to video, paging, or alarm functions. By combining software and hardware, your system can be controlled, queried, or programmed from anywhere on your network or via a secure web browser.
They give you a complete picture of each employees activity by days, weeks, and the times they passed though any access controlled door in your facility. Your records will show whether they passed through during your regular working hours or off hours. Our access systems are based on time tested, user friendly software and allow for monitoring and control in remote sites throughout your existing network. Access control solutions (continued)
Vulnerability analysis Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.
Vulnerability analysis (continued) Vulnerability analysis consists of several steps: ๏ƒ˜ Defining and classifying network or system resources ๏ƒ˜ Assigning relative levels of importance to the resources ๏ƒ˜ Identifying potential threats to each resource ๏ƒ˜ Developing a strategy to deal with the most serious potential problems first ๏ƒ˜ Defining and implementing ways to minimize the consequences if an attack occurs.
Vulnerability analysis (continued) If security holes are found as a result of vulnerability analysis, a vulnerability disclosure may be required. The person or organization that discovers the vulnerability, or a responsible industry body such as the Computer Emergency Readiness Team (CERT), may make the disclosure. If the vulnerability is not classified as a high level threat, the vendor may be given a certain amount of time to fix the problem before the vulnerability is disclosed publicly.
Vulnerability analysis (continued) The third stage of vulnerability analysis (identifying potential threats) is sometimes performed by a white hat using ethical hacking techniques. Using this method to assess vulnerabilities, security experts deliberately probe a network or system to discover its weaknesses. This process provides guidelines for the development of countermeasures to prevent a genuine attack.
gap analysis A technique that businesses use to determine what steps need to be taken in order to move from its current state to its desired, future state. Also called need-gap analysis, needs analysis, and needs assessment.
gap analysis (continued) ๏ถ Listing of characteristic factors (such as attributes, competencies, performance levels) of the present situation ("what is") ๏ถ Listing factors needed to achieve future objectives ("what should be"), and then ๏ถ Highlighting the gaps that exist and need to be filled. Gap analysis forces a company to reflect on who it is and ask who they want to be in the future.
Penetration testing A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure. This is done by safely attempting to exploit system vulnerabilities such as: โ€ข The Operating System (OS) โ€ข Service and Application flaws โ€ข Improper Configurations โ€ข Validating the Efficiency of Defensive Mechanisms Such assessments are also useful in validating the efficiency of end-usersโ€™ adherence to company security policies.
Penetration testing (continued) A penetration test is a test whose results validate the risk posed by specific security vulnerabilities or flawed processes. This enables IT management and security professionals to prioritize remediation efforts. By embracing more frequent and comprehensive penetration testing, organizations can more effectively anticipate emerging security risks and prevent unauthorized access to critical systems and valuable information.
Web application security Web Application Security is an internet security audit, performed by experienced security professionals. A key feature of the service, and one which cannot be covered by relying solely on automated testing, is application testing. The service is designed to rigorously push the defenses of internet networks and applications.
Web application security (continued) It is suitable for commissioning, third party assurance, post-attack analysis, audit and regulatory purposes where independence and quality of service are important requirements. A final written report provides an analysis of any security or service problems discovered together with proposed solutions, links to detailed advisories and recommendations for improving the security of the service under test. The Web Application Testing service can be used to ensure compliance with PCI DSS v2.0 requirement 11.3, (penetration testing) as it includes both network and application layer testing.
Web application security (continued) Areas Covered by Web Application Testing ๏ฑ Configuration errors ๏ฑ Application loopholes in server code or scripts ๏ฑ Advice on data that could have been exposed due to past errors ๏ฑ Testing for known vulnerabilities ๏ฑ Reducing the risk and enticement to attack ๏ฑ Advice on fixes and future security plans
Web application security (continued) Typical Issues Discovered in an Application Test o Cross-site scripting o SQL injection o Server misconfigurations o Form/hidden field manipulation o Command injection o Cookie poisoning o Well-known platform vulnerabilities o Insecure use of cryptography
Web application security (continued) Typical Issues Discovered in an Application Test (continued) o Back doors and debug options o Errors triggering sensitive information leak o Broken ACLs/Weak passwords o Weak session management o Buffer overflows o Forceful browsing o CGI-BIN manipulation o Risk reduction to zero day exploits
Log analysis Log Analysis lets you analyze unstructured data to help identify, isolate and resolve problems. The software integrates data from multiple sources including logs, events, metrics, support documents and trouble tickets.
Network traffic analysis Network analysis is the process of capturing network traffic and inspecting it closely to determine what is happening on the network. This is accomplished by two different monitoring techniques: ๏ƒผ Router Based โ€“ Monitoring functionalities that are built into the routers themselves & do not require and additional installation of hardware or software. ๏ƒผ Non-Router Based - Monitoring techniques require additional hardware and software to be installed and provide greater flexibility.
Information security Policy design The first step to creating an effective information security policy is evaluating information assets and identifying threats to those assets. Some assets within an organization will be more valuable than others, but monetary value should not be the only factor. Determining both the monetary value and the intrinsic value of an asset is essential in accurately gauging its worth.
Information security Policy design (continued) To calculate an assetโ€™s monetary value: An organization should consider the impact if that assetโ€™s data, networks or systems are compromised in any way. To calculate an assetโ€™s intrinsic value: An organization must consider a security incidentโ€™s impact on credibility, reputation and relationships with key stakeholders.
Information security Policy design (continued) When assessing potential threats, external and internal threats must be considered. External threats include viruses, worms, Trojan horses, hacking attempts and anything that tries to break an organizationโ€™s security infrastructure from the OUTSIDE. Internal threats include abuse of critical systems and data, surfing objectionable Internet content, and inappropriate Internet use. The real costly danger with internal threats comes from perpetrators having extensive access to the network from the INSIDE.
Information security Policy design (continued) Since an information security policy will have an effect on people throughout the organization, a team should take the responsibility for drafting the policy together. This team should include executives, IT administrators, information security experts, human resource managers, public relations managers, legal counsel and IT auditors. Approval for the policy should come from the highest possible level in the corporate environment.
Security products identification There are several security products on the market. Here is a list of a few of those security products: Passport Laminates Passport laminates range from a clear film overlay to Covid holographic and Fasver printed security laminates, featuring overt, covert, and forensic security devices. All laminates are custom designed to suit the document and the application equipment.
Security products identification (continued) ID Card Laminates Covid holographic and Fasver printed security laminates protect ID cards against forgery and counterfeit attempts. Most companies will work with each client to create custom originations that integrate with the background artwork and personalized data to deliver cohesive designs that are attractive, original, easy to authenticate, and highly secure.
Security products identification (continued) Polycarbonate Solutions Polycarbonate solutions provide security both in and on identity documents and enable color personalization on ID cards. Fasver printed security layers can be embedded within polycarbonate cards and passport data pages to help authenticate genuine ID documents and prevent counterfeiting. Covid holographic patches add security to the cardโ€™s surface while protecting the Unichroma-enabled color personalized data.
Security products identification (continued) Seals, Labels, and Hot Stamp Foils Our seals, labels, and hot stamp foils are used by governments worldwide to protect signatures on official documents, and to secure and authenticate document pouches and vehicle stickers. Card Personalization Imagedata D2T2 ribbons generate vibrant colors and high-definition print for photos, background imagery, text, and bar codes, making them ideal for the personalization of secure and non-secure ID cards.
Cyber security surveys Forty-seven percent of surveyed organizations have suffered a cyber-attack in the past year โ€“ and a frightening 13 percent say they do not even know if they have been attacked. These are among the results of the 2013 Cyber Security Study conducted by Information Security Media Group and commissioned by Bit9.
Data leak prevention solutions Data leak prevention solution is a system that is designed to detect potential data breach or data ex-filtration transmissions and prevent them. It does this by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized personnel either by malicious intent or by an inadvertent mistake. Such sensitive data can come in the form of private or company information, intellectual property (IP), financial or patient information, credit-card data, and other information depending on the business and the industry.
Cyber hygiene Cyber hygiene refers to steps that computer users can take to improve their cybersecurity and better protect themselves online.
Cyber hygiene (continued) The best practices are not new technologies, but fairly common sense ideas that need to become part of an enterprise culture. The common practices are listed below: โ€ข Eliminate unnecessary data and keep tabs on what is left; โ€ข Ensure essential controls are met and regularly audit to in order consistent implementation; โ€ข Change default credentials; โ€ข Avoid shared credentials; โ€ข Implement a firewall or access control list (ACL) on remote access/administration services; โ€ข Utilize IP blacklisting;
Cyber hygiene (continued) The common practices are continued below: โ€ข Update anti-virus and other software consistently; โ€ข Audit user accounts; โ€ข Restrict and monitor privileged users; โ€ข Monitor and filter outbound network traffic; โ€ข Test applications and review codes; โ€ข Change the approach to event monitoring and log analysis; โ€ข Define โ€˜suspiciousโ€™ and โ€˜anomalousโ€™ (then look for whatever โ€˜itโ€™ is); โ€ข Increase awareness of social engineering; โ€ข Train employees and customers to look for signs tampering and fraud;
Cyber investigation A cyber investigation investigates those offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS).
Information security policy Information security policy is a set of policies issued by an organization to ensure that all information technology users within the domain of the organization or its networks comply with rules and guidelines related to the security of the information stored digitally at any point in the network or within the organization's boundaries of authority.
Comprehensive cyber security solution Government agencies need to proactively protect their critical applications, data and processes from external and internal threats throughout their entire life cycle. By taking a comprehensive and integrated approach to application vulnerability management, agencies can measurably improve operational security, mitigate risks, and reduce costs.
Cite list http://www.advancetechnology.com/electronic-security-access-control-solutions http://searchmidmarketsecurity.techtarget.com/definition/vulnerability-analysis http://www.businessdictionary.com/definition/gap-analysis.html#ixzz35hkTYaoA http://www.coresecurity.com/penetration-testing-overview http://www.netcraft.com/security-testing/web-application/ http://www-03.ibm.com/software/products/en/ibm-smartcloud-analytics---log- analysis http://www.cse.wustl.edu/~jain/cse567-06/ftp/net_monitoring.pdf
Cite list (continued) http://www.isaca.org/Journal/Past-Issues/2005/Volume-6/Pages/JOnline-Creating- and-Enforcing-an-Effective-Information-Security-Policy1.aspx http://www.itwsbi.com/Products/SecurityProducts.aspx https://www.bit9.com/resources/research-reports/2013-cyber-security-study/ http://vimeo.com/41847642 http://www.aig.com/Chartis/internet/US/en/CyberHygieneDocument_031214_tcm317 1-586930.pdf http://pursuitmag.com/cyber-crime-terms-and-definitions/ http://www.techopedia.com/definition/24838/information-security-policy http://www-304.ibm.com/industries/publicsector/us/en/contentemplate1/!!/xmlid=148819/
Computing with the โ€œCloudโ€ Most people when they here the word โ€œcloudโ€ they think of the clouds in the sky, that would be only logical. But from a computing standpoint, the โ€œCloudโ€ is simply a technology that uses the Internet and remote servers to: ๏ƒ˜ Maintain data and applications ๏ƒ˜ Allows users to access applications without installation . ๏ƒ˜ Allows users access to their personal files from any computer that has access to the Internet. ๏ƒ˜ Centralizes storage, memory, processing, and bandwidth.In regards to your Yahoo email account, that software is managed by Yahoo. Your Gmail account software is managed by Google.
HTTPS (HYPERTEXT TRANSFER PROTOCOL SECURE) โ€ข Install HTTPS Everywhere on your Web browser. โ€ข HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts any communication that you may have with major websites. โ€ข More specifically, this extension encrypts your Web browsing sessions, protecting you from hackers and spy agencies that scoop up unencrypted traffic across the Internet. http://www.youtube.com/watch?v=8nRlsaWfo30
Ad

Recommended

Enterprise IT Security Audit | Cyber Security Services
Enterprise IT Security Audit | Cyber Security ServicesEnterprise IT Security Audit | Cyber Security Services
Enterprise IT Security Audit | Cyber Security Services
Akshay Kurhade
ย 
NASA OIG Report
NASA OIG ReportNASA OIG Report
NASA OIG Report
Priyanka Aash
ย 
It security controls, plans, and procedures
It security controls, plans, and proceduresIt security controls, plans, and procedures
It security controls, plans, and procedures
CAS
ย 
Legal and ethical aspects
Legal and ethical aspectsLegal and ethical aspects
Legal and ethical aspects
CAS
ย 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditing
Piyush Jain
ย 
1. security management practices
1. security management practices1. security management practices
1. security management practices
7wounders
ย 
Vulnerability Assesment
Vulnerability AssesmentVulnerability Assesment
Vulnerability Assesment
Dedi Dwianto
ย 
A Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachA Case Study of the Capital One Data Breach
A Case Study of the Capital One Data Breach
Anchises Moraes
ย 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodVulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Falgun Rathod
ย 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptx
Piyush Jain
ย 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
Jorge Sebastiao
ย 
Software security engineering
Software security engineeringSoftware security engineering
Software security engineering
AHM Pervej Kabir
ย 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
CAS
ย 
SANS 2013 Critical Security Controls Survey
SANS 2013 Critical Security Controls SurveySANS 2013 Critical Security Controls Survey
SANS 2013 Critical Security Controls Survey
Edgar Alejandro Villegas
ย 
Physical Security Management System
Physical Security Management SystemPhysical Security Management System
Physical Security Management System
Daniel Suchy, CPP, MSyI
ย 
Information risk management
Information risk managementInformation risk management
Information risk management
Akash Saraswat
ย 
Chapter006
Chapter006Chapter006
Chapter006
Jeanie Delos Arcos
ย 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
QA or the Highway
ย 
Assessing Risk: Developing a Client/Server Security Architecture,
Assessing Risk: Developing a Client/Server Security Architecture, Assessing Risk: Developing a Client/Server Security Architecture,
Assessing Risk: Developing a Client/Server Security Architecture,
MITDaveMillaar
ย 
Security Management | System Administration
Security Management | System AdministrationSecurity Management | System Administration
Security Management | System Administration
Lisa Dowdell, MSISTM
ย 
Mini IT Security Assessment
Mini IT Security AssessmentMini IT Security Assessment
Mini IT Security Assessment
GuardEra Access Solutions, Inc.
ย 
information security(authentication application, Authentication and Access Co...
information security(authentication application, Authentication and Access Co...information security(authentication application, Authentication and Access Co...
information security(authentication application, Authentication and Access Co...
Zara Nawaz
ย 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
ย 
Security Management Strategies and Defense and their uses.
Security Management Strategies and Defense and their uses.Security Management Strategies and Defense and their uses.
Security Management Strategies and Defense and their uses.
Computer engineering company
ย 
Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007
Chris Hammond-Thrasher
ย 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
Zara Nawaz
ย 
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIOCISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
Happy Sad
ย 
How to Audit Your Incident Response Plan
How to Audit Your Incident Response PlanHow to Audit Your Incident Response Plan
How to Audit Your Incident Response Plan
Resilient Systems
ย 
Introduction to Social Media for Researchers
Introduction to Social Media for ResearchersIntroduction to Social Media for Researchers
Introduction to Social Media for Researchers
Helen Dixon
ย 
The problem with Social Media
The problem with Social MediaThe problem with Social Media
The problem with Social Media
Ahsan (Ash) Khokhar
ย 
Ad

More Related Content

What's hot (20)

Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodVulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Falgun Rathod
ย 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptx
Piyush Jain
ย 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
Jorge Sebastiao
ย 
Software security engineering
Software security engineeringSoftware security engineering
Software security engineering
AHM Pervej Kabir
ย 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
CAS
ย 
SANS 2013 Critical Security Controls Survey
SANS 2013 Critical Security Controls SurveySANS 2013 Critical Security Controls Survey
SANS 2013 Critical Security Controls Survey
Edgar Alejandro Villegas
ย 
Physical Security Management System
Physical Security Management SystemPhysical Security Management System
Physical Security Management System
Daniel Suchy, CPP, MSyI
ย 
Information risk management
Information risk managementInformation risk management
Information risk management
Akash Saraswat
ย 
Chapter006
Chapter006Chapter006
Chapter006
Jeanie Delos Arcos
ย 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
QA or the Highway
ย 
Assessing Risk: Developing a Client/Server Security Architecture,
Assessing Risk: Developing a Client/Server Security Architecture, Assessing Risk: Developing a Client/Server Security Architecture,
Assessing Risk: Developing a Client/Server Security Architecture,
MITDaveMillaar
ย 
Security Management | System Administration
Security Management | System AdministrationSecurity Management | System Administration
Security Management | System Administration
Lisa Dowdell, MSISTM
ย 
Mini IT Security Assessment
Mini IT Security AssessmentMini IT Security Assessment
Mini IT Security Assessment
GuardEra Access Solutions, Inc.
ย 
information security(authentication application, Authentication and Access Co...
information security(authentication application, Authentication and Access Co...information security(authentication application, Authentication and Access Co...
information security(authentication application, Authentication and Access Co...
Zara Nawaz
ย 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
ย 
Security Management Strategies and Defense and their uses.
Security Management Strategies and Defense and their uses.Security Management Strategies and Defense and their uses.
Security Management Strategies and Defense and their uses.
Computer engineering company
ย 
Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007
Chris Hammond-Thrasher
ย 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
Zara Nawaz
ย 
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIOCISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
Happy Sad
ย 
How to Audit Your Incident Response Plan
How to Audit Your Incident Response PlanHow to Audit Your Incident Response Plan
How to Audit Your Incident Response Plan
Resilient Systems
ย 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodVulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Falgun Rathod
ย 
Understanding security operation.pptx
Understanding security operation.pptxUnderstanding security operation.pptx
Understanding security operation.pptx
Piyush Jain
ย 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
Jorge Sebastiao
ย 
Software security engineering
Software security engineeringSoftware security engineering
Software security engineering
AHM Pervej Kabir
ย 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
CAS
ย 
SANS 2013 Critical Security Controls Survey
SANS 2013 Critical Security Controls SurveySANS 2013 Critical Security Controls Survey
SANS 2013 Critical Security Controls Survey
Edgar Alejandro Villegas
ย 
Physical Security Management System
Physical Security Management SystemPhysical Security Management System
Physical Security Management System
Daniel Suchy, CPP, MSyI
ย 
Information risk management
Information risk managementInformation risk management
Information risk management
Akash Saraswat
ย 
Chapter006
Chapter006Chapter006
Chapter006
Jeanie Delos Arcos
ย 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
QA or the Highway
ย 
Assessing Risk: Developing a Client/Server Security Architecture,
Assessing Risk: Developing a Client/Server Security Architecture, Assessing Risk: Developing a Client/Server Security Architecture,
Assessing Risk: Developing a Client/Server Security Architecture,
MITDaveMillaar
ย 
Security Management | System Administration
Security Management | System AdministrationSecurity Management | System Administration
Security Management | System Administration
Lisa Dowdell, MSISTM
ย 
Mini IT Security Assessment
Mini IT Security AssessmentMini IT Security Assessment
Mini IT Security Assessment
GuardEra Access Solutions, Inc.
ย 
information security(authentication application, Authentication and Access Co...
information security(authentication application, Authentication and Access Co...information security(authentication application, Authentication and Access Co...
information security(authentication application, Authentication and Access Co...
Zara Nawaz
ย 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
Priyanka Aash
ย 
Security Management Strategies and Defense and their uses.
Security Management Strategies and Defense and their uses.Security Management Strategies and Defense and their uses.
Security Management Strategies and Defense and their uses.
Computer engineering company
ย 
Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007Infosec Workshop - PacINET 2007
Infosec Workshop - PacINET 2007
Chris Hammond-Thrasher
ย 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
Zara Nawaz
ย 
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIOCISCO SECURITY INTELLIGENCE OPERATIONS SIO
CISCO SECURITY INTELLIGENCE OPERATIONS SIO
Happy Sad
ย 
How to Audit Your Incident Response Plan
How to Audit Your Incident Response PlanHow to Audit Your Incident Response Plan
How to Audit Your Incident Response Plan
Resilient Systems
ย 

Viewers also liked (10)

Introduction to Social Media for Researchers
Introduction to Social Media for ResearchersIntroduction to Social Media for Researchers
Introduction to Social Media for Researchers
Helen Dixon
ย 
The problem with Social Media
The problem with Social MediaThe problem with Social Media
The problem with Social Media
Ahsan (Ash) Khokhar
ย 
Social media ethical issues jotham wasike
Social media ethical issues jotham wasikeSocial media ethical issues jotham wasike
Social media ethical issues jotham wasike
Francis Mwangi
ย 
Hydration and the role of Sports Drinks
Hydration and the role of Sports DrinksHydration and the role of Sports Drinks
Hydration and the role of Sports Drinks
Iain82
ย 
Social Media Risks
Social Media RisksSocial Media Risks
Social Media Risks
Giorgos Cheliotis
ย 
foreign workers in Malaysia
foreign workers in Malaysiaforeign workers in Malaysia
foreign workers in Malaysia
Zakinan Nawaz
ย 
USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS
USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS
USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS
Mahesh Kodituwakku
ย 
Social Data Mining
Social Data MiningSocial Data Mining
Social Data Mining
Mahesh Meniya
ย 
THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...
THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...
THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...
Kasthuripriya Nanda Kumar
ย 
Social Media and its effects on youth
Social Media and its effects on youthSocial Media and its effects on youth
Social Media and its effects on youth
Abhishek Jain
ย 
Introduction to Social Media for Researchers
Introduction to Social Media for ResearchersIntroduction to Social Media for Researchers
Introduction to Social Media for Researchers
Helen Dixon
ย 
The problem with Social Media
The problem with Social MediaThe problem with Social Media
The problem with Social Media
Ahsan (Ash) Khokhar
ย 
Social media ethical issues jotham wasike
Social media ethical issues jotham wasikeSocial media ethical issues jotham wasike
Social media ethical issues jotham wasike
Francis Mwangi
ย 
Hydration and the role of Sports Drinks
Hydration and the role of Sports DrinksHydration and the role of Sports Drinks
Hydration and the role of Sports Drinks
Iain82
ย 
Social Media Risks
Social Media RisksSocial Media Risks
Social Media Risks
Giorgos Cheliotis
ย 
foreign workers in Malaysia
foreign workers in Malaysiaforeign workers in Malaysia
foreign workers in Malaysia
Zakinan Nawaz
ย 
USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS
USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS
USE OF SOCIAL NETWORKS AND ITS EFFECTS ON STUDENTS
Mahesh Kodituwakku
ย 
Social Data Mining
Social Data MiningSocial Data Mining
Social Data Mining
Mahesh Meniya
ย 
THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...
THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...
THE EFFECTS OF SOCIAL NETWORKING SITES ON THE ACADEMIC PERFORMANCE OF STUDENT...
Kasthuripriya Nanda Kumar
ย 
Social Media and its effects on youth
Social Media and its effects on youthSocial Media and its effects on youth
Social Media and its effects on youth
Abhishek Jain
ย 
Ad

Similar to Phi 235 social media security users guide presentation (20)

Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docx
Afour tech
ย 
Exploring the Key Types of Cybersecurity Testing
Exploring the Key Types of Cybersecurity TestingExploring the Key Types of Cybersecurity Testing
Exploring the Key Types of Cybersecurity Testing
jatniwalafizza786
ย 
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
abhichowdary16
ย 
(VAPT) Vulnerability Assessment And Penetration Testing
(VAPT) Vulnerability Assessment And Penetration Testing(VAPT) Vulnerability Assessment And Penetration Testing
(VAPT) Vulnerability Assessment And Penetration Testing
Bluechip Gulf IT Services
ย 
What is Security Testing Presentation download
What is Security Testing Presentation downloadWhat is Security Testing Presentation download
What is Security Testing Presentation download
Rosy G
ย 
Backtrack manual Part1
Backtrack manual Part1Backtrack manual Part1
Backtrack manual Part1
Nutan Kumar Panda
ย 
Cyber Security Analyst Interview Questions: Download our white paper
Cyber Security Analyst Interview Questions: Download our white paperCyber Security Analyst Interview Questions: Download our white paper
Cyber Security Analyst Interview Questions: Download our white paper
InfosecTrain
ย 
๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!
๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!
๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!
Mansi Kandari
ย 
Cybersecurity Analyst Interview Questions for 2024.pdf
Cybersecurity Analyst Interview Questions for 2024.pdfCybersecurity Analyst Interview Questions for 2024.pdf
Cybersecurity Analyst Interview Questions for 2024.pdf
infosec train
ย 
Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...
Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...
Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...
infosecTrain
ย 
InfosecTrain Cybersecurity Analyst Interview Questions
InfosecTrain Cybersecurity Analyst Interview QuestionsInfosecTrain Cybersecurity Analyst Interview Questions
InfosecTrain Cybersecurity Analyst Interview Questions
priyanshamadhwal2
ย 
How to Conduct Penetration Testing for Websites.pptx.pdf
How to Conduct Penetration Testing for Websites.pptx.pdfHow to Conduct Penetration Testing for Websites.pptx.pdf
How to Conduct Penetration Testing for Websites.pptx.pdf
Rosy G
ย 
What is penetration testing and why is it important for a business to invest ...
What is penetration testing and why is it important for a business to invest ...What is penetration testing and why is it important for a business to invest ...
What is penetration testing and why is it important for a business to invest ...
Alisha Henderson
ย 
Cyber Security Interview Analyst Questions.pdf
Cyber Security Interview Analyst Questions.pdfCyber Security Interview Analyst Questions.pdf
Cyber Security Interview Analyst Questions.pdf
InfosecTrain
ย 
Cybersecurity Analyst Interview Questions.pdf
Cybersecurity Analyst Interview Questions.pdfCybersecurity Analyst Interview Questions.pdf
Cybersecurity Analyst Interview Questions.pdf
infosec train
ย 
Cybersecurity Analyst Interview Questions and Answers.pdf
Cybersecurity Analyst Interview Questions and Answers.pdfCybersecurity Analyst Interview Questions and Answers.pdf
Cybersecurity Analyst Interview Questions and Answers.pdf
infosecTrain
ย 
Cybersecurity Analyst Interview Questions By InfosecTrain
Cybersecurity Analyst Interview Questions By InfosecTrainCybersecurity Analyst Interview Questions By InfosecTrain
Cybersecurity Analyst Interview Questions By InfosecTrain
priyanshamadhwal2
ย 
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxCompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
Infosectrain3
ย 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docx
wkyra78
ย 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
jeanettehully
ย 
Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docx
Afour tech
ย 
Exploring the Key Types of Cybersecurity Testing
Exploring the Key Types of Cybersecurity TestingExploring the Key Types of Cybersecurity Testing
Exploring the Key Types of Cybersecurity Testing
jatniwalafizza786
ย 
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
abhichowdary16
ย 
(VAPT) Vulnerability Assessment And Penetration Testing
(VAPT) Vulnerability Assessment And Penetration Testing(VAPT) Vulnerability Assessment And Penetration Testing
(VAPT) Vulnerability Assessment And Penetration Testing
Bluechip Gulf IT Services
ย 
What is Security Testing Presentation download
What is Security Testing Presentation downloadWhat is Security Testing Presentation download
What is Security Testing Presentation download
Rosy G
ย 
Backtrack manual Part1
Backtrack manual Part1Backtrack manual Part1
Backtrack manual Part1
Nutan Kumar Panda
ย 
Cyber Security Analyst Interview Questions: Download our white paper
Cyber Security Analyst Interview Questions: Download our white paperCyber Security Analyst Interview Questions: Download our white paper
Cyber Security Analyst Interview Questions: Download our white paper
InfosecTrain
ย 
๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!
๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!
๐“๐จ๐ฉ ๐‚๐ฒ๐›๐ž๐ซ๐ฌ๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ: ๐ƒ๐จ๐ฐ๐ง๐ฅ๐จ๐š๐ ๐Ž๐ฎ๐ซ ๐—ช๐—ต๐—ถ๐˜๐—ฒ ๐—ฃ๐—ฎ๐—ฝ๐—ฒ๐—ฟ!
Mansi Kandari
ย 
Cybersecurity Analyst Interview Questions for 2024.pdf
Cybersecurity Analyst Interview Questions for 2024.pdfCybersecurity Analyst Interview Questions for 2024.pdf
Cybersecurity Analyst Interview Questions for 2024.pdf
infosec train
ย 
Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...
Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...
Top Cybersecurity Analyst Interview Questions: Download InfosecTrainโ€™s White ...
infosecTrain
ย 
InfosecTrain Cybersecurity Analyst Interview Questions
InfosecTrain Cybersecurity Analyst Interview QuestionsInfosecTrain Cybersecurity Analyst Interview Questions
InfosecTrain Cybersecurity Analyst Interview Questions
priyanshamadhwal2
ย 
How to Conduct Penetration Testing for Websites.pptx.pdf
How to Conduct Penetration Testing for Websites.pptx.pdfHow to Conduct Penetration Testing for Websites.pptx.pdf
How to Conduct Penetration Testing for Websites.pptx.pdf
Rosy G
ย 
What is penetration testing and why is it important for a business to invest ...
What is penetration testing and why is it important for a business to invest ...What is penetration testing and why is it important for a business to invest ...
What is penetration testing and why is it important for a business to invest ...
Alisha Henderson
ย 
Cyber Security Interview Analyst Questions.pdf
Cyber Security Interview Analyst Questions.pdfCyber Security Interview Analyst Questions.pdf
Cyber Security Interview Analyst Questions.pdf
InfosecTrain
ย 
Cybersecurity Analyst Interview Questions.pdf
Cybersecurity Analyst Interview Questions.pdfCybersecurity Analyst Interview Questions.pdf
Cybersecurity Analyst Interview Questions.pdf
infosec train
ย 
Cybersecurity Analyst Interview Questions and Answers.pdf
Cybersecurity Analyst Interview Questions and Answers.pdfCybersecurity Analyst Interview Questions and Answers.pdf
Cybersecurity Analyst Interview Questions and Answers.pdf
infosecTrain
ย 
Cybersecurity Analyst Interview Questions By InfosecTrain
Cybersecurity Analyst Interview Questions By InfosecTrainCybersecurity Analyst Interview Questions By InfosecTrain
Cybersecurity Analyst Interview Questions By InfosecTrain
priyanshamadhwal2
ย 
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptxCompTIA CySA Domain 3 Security Operations and Monitoring.pptx
CompTIA CySA Domain 3 Security Operations and Monitoring.pptx
Infosectrain3
ย 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docx
wkyra78
ย 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
jeanettehully
ย 
Ad

Recently uploaded (20)

Metamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative JourneyMetamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative Journey
Arshad Shaikh
ย 
Political History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptxPolitical History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptx
Arya Mahila P. G. College, Banaras Hindu University, Varanasi, India.
ย 
apa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdfapa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdf
Ishika Ghosh
ย 
How to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odooHow to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odoo
Celine George
ย 
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public SchoolsK12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
dogden2
ย 
Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...
Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...
Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...
Library Association of Ireland
ย 
Anti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptxAnti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptx
Mayuri Chavan
ย 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
ย 
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar RabbiPresentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Md Shaifullar Rabbi
ย 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
ย 
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxSCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
Ronisha Das
ย 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colรฉgio Santa Teresinha
ย 
Exploring-Substances-Acidic-Basic-and-Neutral.pdf
Exploring-Substances-Acidic-Basic-and-Neutral.pdfExploring-Substances-Acidic-Basic-and-Neutral.pdf
Exploring-Substances-Acidic-Basic-and-Neutral.pdf
Sandeep Swamy
ย 
Multi-currency in odoo accounting and Update exchange rates automatically in ...
Multi-currency in odoo accounting and Update exchange rates automatically in ...Multi-currency in odoo accounting and Update exchange rates automatically in ...
Multi-currency in odoo accounting and Update exchange rates automatically in ...
Celine George
ย 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
ย 
Operations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdfOperations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdf
Arab Academy for Science, Technology and Maritime Transport
ย 
LDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini UpdatesLDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini Updates
LDM Mia eStudios
ย 
Presentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem KayaPresentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem Kaya
MIPLM
ย 
Handling Multiple Choice Responses: Fortune Effiong.pptx
Handling Multiple Choice Responses: Fortune Effiong.pptxHandling Multiple Choice Responses: Fortune Effiong.pptx
Handling Multiple Choice Responses: Fortune Effiong.pptx
AuthorAIDNationalRes
ย 
Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025
Mebane Rash
ย 
Metamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative JourneyMetamorphosis: Life's Transformative Journey
Metamorphosis: Life's Transformative Journey
Arshad Shaikh
ย 
Political History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptxPolitical History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptx
Arya Mahila P. G. College, Banaras Hindu University, Varanasi, India.
ย 
apa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdfapa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdf
Ishika Ghosh
ย 
How to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odooHow to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odoo
Celine George
ย 
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public SchoolsK12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
dogden2
ย 
Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...
Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...
Phoenix โ€“ A Collaborative Renewal of Childrenโ€™s and Young Peopleโ€™s Services C...
Library Association of Ireland
ย 
Anti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptxAnti-Depressants pharmacology 1slide.pptx
Anti-Depressants pharmacology 1slide.pptx
Mayuri Chavan
ย 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
ย 
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar RabbiPresentation on Tourism Product Development By Md Shaifullar Rabbi
Presentation on Tourism Product Development By Md Shaifullar Rabbi
Md Shaifullar Rabbi
ย 
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
How to track Cost and Revenue using Analytic Accounts in odoo Accounting, App...
Celine George
ย 
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptxSCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
SCI BIZ TECH QUIZ (OPEN) PRELIMS XTASY 2025.pptx
Ronisha Das
ย 
SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -SPRING FESTIVITIES - UK AND USA -
SPRING FESTIVITIES - UK AND USA -
Colรฉgio Santa Teresinha
ย 
Exploring-Substances-Acidic-Basic-and-Neutral.pdf
Exploring-Substances-Acidic-Basic-and-Neutral.pdfExploring-Substances-Acidic-Basic-and-Neutral.pdf
Exploring-Substances-Acidic-Basic-and-Neutral.pdf
Sandeep Swamy
ย 
Multi-currency in odoo accounting and Update exchange rates automatically in ...
Multi-currency in odoo accounting and Update exchange rates automatically in ...Multi-currency in odoo accounting and Update exchange rates automatically in ...
Multi-currency in odoo accounting and Update exchange rates automatically in ...
Celine George
ย 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
ย 
Operations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdfOperations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdf
Arab Academy for Science, Technology and Maritime Transport
ย 
LDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini UpdatesLDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini Updates
LDM Mia eStudios
ย 
Presentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem KayaPresentation of the MIPLM subject matter expert Erdem Kaya
Presentation of the MIPLM subject matter expert Erdem Kaya
MIPLM
ย 
Handling Multiple Choice Responses: Fortune Effiong.pptx
Handling Multiple Choice Responses: Fortune Effiong.pptxHandling Multiple Choice Responses: Fortune Effiong.pptx
Handling Multiple Choice Responses: Fortune Effiong.pptx
AuthorAIDNationalRes
ย 
Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025Stein, Hunt, Green letter to Congress April 2025
Stein, Hunt, Green letter to Congress April 2025
Mebane Rash
ย 

Phi 235 social media security users guide presentation

  • 1. SOCIAL MEDIA SECURITY USERS GUIDE CYBER SECURITY SOLUTIONS ALAN HOLYOKE PHI 235
  • 3. WEBSITES SECURITY As you can see by the diagram to the left, there are numerous browsers and websites that you and I utilize on a daily basis, an ever growing reality that keeps us โ€œconnectedโ€ to everyone and everything that we may want to be connected to. In regards to Cyber Security Solutions, this guide will explain the thirteen different sections covering everything from Access Control to Gap Analysis to Information Security Policy and everything in between. Well, letโ€™s take a journey, shall weโ€ฆ.
  • 4. Access control solutions Access control solutions allow companies to determine who can go where and when. An audit trail shows the details of who passed through your access control entry and exit devices. Events recorded to a head end computer may be linked to video, paging, or alarm functions. By combining software and hardware, your system can be controlled, queried, or programmed from anywhere on your network or via a secure web browser.
  • 5. They give you a complete picture of each employees activity by days, weeks, and the times they passed though any access controlled door in your facility. Your records will show whether they passed through during your regular working hours or off hours. Our access systems are based on time tested, user friendly software and allow for monitoring and control in remote sites throughout your existing network. Access control solutions (continued)
  • 6. Vulnerability analysis Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. In addition, vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.
  • 7. Vulnerability analysis (continued) Vulnerability analysis consists of several steps: ๏ƒ˜ Defining and classifying network or system resources ๏ƒ˜ Assigning relative levels of importance to the resources ๏ƒ˜ Identifying potential threats to each resource ๏ƒ˜ Developing a strategy to deal with the most serious potential problems first ๏ƒ˜ Defining and implementing ways to minimize the consequences if an attack occurs.
  • 8. Vulnerability analysis (continued) If security holes are found as a result of vulnerability analysis, a vulnerability disclosure may be required. The person or organization that discovers the vulnerability, or a responsible industry body such as the Computer Emergency Readiness Team (CERT), may make the disclosure. If the vulnerability is not classified as a high level threat, the vendor may be given a certain amount of time to fix the problem before the vulnerability is disclosed publicly.
  • 9. Vulnerability analysis (continued) The third stage of vulnerability analysis (identifying potential threats) is sometimes performed by a white hat using ethical hacking techniques. Using this method to assess vulnerabilities, security experts deliberately probe a network or system to discover its weaknesses. This process provides guidelines for the development of countermeasures to prevent a genuine attack.
  • 10. gap analysis A technique that businesses use to determine what steps need to be taken in order to move from its current state to its desired, future state. Also called need-gap analysis, needs analysis, and needs assessment.
  • 11. gap analysis (continued) ๏ถ Listing of characteristic factors (such as attributes, competencies, performance levels) of the present situation ("what is") ๏ถ Listing factors needed to achieve future objectives ("what should be"), and then ๏ถ Highlighting the gaps that exist and need to be filled. Gap analysis forces a company to reflect on who it is and ask who they want to be in the future.
  • 12. Penetration testing A penetration test is a proactive and authorized attempt to evaluate the security of an IT infrastructure. This is done by safely attempting to exploit system vulnerabilities such as: โ€ข The Operating System (OS) โ€ข Service and Application flaws โ€ข Improper Configurations โ€ข Validating the Efficiency of Defensive Mechanisms Such assessments are also useful in validating the efficiency of end-usersโ€™ adherence to company security policies.
  • 13. Penetration testing (continued) A penetration test is a test whose results validate the risk posed by specific security vulnerabilities or flawed processes. This enables IT management and security professionals to prioritize remediation efforts. By embracing more frequent and comprehensive penetration testing, organizations can more effectively anticipate emerging security risks and prevent unauthorized access to critical systems and valuable information.
  • 14. Web application security Web Application Security is an internet security audit, performed by experienced security professionals. A key feature of the service, and one which cannot be covered by relying solely on automated testing, is application testing. The service is designed to rigorously push the defenses of internet networks and applications.
  • 15. Web application security (continued) It is suitable for commissioning, third party assurance, post-attack analysis, audit and regulatory purposes where independence and quality of service are important requirements. A final written report provides an analysis of any security or service problems discovered together with proposed solutions, links to detailed advisories and recommendations for improving the security of the service under test. The Web Application Testing service can be used to ensure compliance with PCI DSS v2.0 requirement 11.3, (penetration testing) as it includes both network and application layer testing.
  • 16. Web application security (continued) Areas Covered by Web Application Testing ๏ฑ Configuration errors ๏ฑ Application loopholes in server code or scripts ๏ฑ Advice on data that could have been exposed due to past errors ๏ฑ Testing for known vulnerabilities ๏ฑ Reducing the risk and enticement to attack ๏ฑ Advice on fixes and future security plans
  • 17. Web application security (continued) Typical Issues Discovered in an Application Test o Cross-site scripting o SQL injection o Server misconfigurations o Form/hidden field manipulation o Command injection o Cookie poisoning o Well-known platform vulnerabilities o Insecure use of cryptography
  • 18. Web application security (continued) Typical Issues Discovered in an Application Test (continued) o Back doors and debug options o Errors triggering sensitive information leak o Broken ACLs/Weak passwords o Weak session management o Buffer overflows o Forceful browsing o CGI-BIN manipulation o Risk reduction to zero day exploits
  • 19. Log analysis Log Analysis lets you analyze unstructured data to help identify, isolate and resolve problems. The software integrates data from multiple sources including logs, events, metrics, support documents and trouble tickets.
  • 20. Network traffic analysis Network analysis is the process of capturing network traffic and inspecting it closely to determine what is happening on the network. This is accomplished by two different monitoring techniques: ๏ƒผ Router Based โ€“ Monitoring functionalities that are built into the routers themselves & do not require and additional installation of hardware or software. ๏ƒผ Non-Router Based - Monitoring techniques require additional hardware and software to be installed and provide greater flexibility.
  • 21. Information security Policy design The first step to creating an effective information security policy is evaluating information assets and identifying threats to those assets. Some assets within an organization will be more valuable than others, but monetary value should not be the only factor. Determining both the monetary value and the intrinsic value of an asset is essential in accurately gauging its worth.
  • 22. Information security Policy design (continued) To calculate an assetโ€™s monetary value: An organization should consider the impact if that assetโ€™s data, networks or systems are compromised in any way. To calculate an assetโ€™s intrinsic value: An organization must consider a security incidentโ€™s impact on credibility, reputation and relationships with key stakeholders.
  • 23. Information security Policy design (continued) When assessing potential threats, external and internal threats must be considered. External threats include viruses, worms, Trojan horses, hacking attempts and anything that tries to break an organizationโ€™s security infrastructure from the OUTSIDE. Internal threats include abuse of critical systems and data, surfing objectionable Internet content, and inappropriate Internet use. The real costly danger with internal threats comes from perpetrators having extensive access to the network from the INSIDE.
  • 24. Information security Policy design (continued) Since an information security policy will have an effect on people throughout the organization, a team should take the responsibility for drafting the policy together. This team should include executives, IT administrators, information security experts, human resource managers, public relations managers, legal counsel and IT auditors. Approval for the policy should come from the highest possible level in the corporate environment.
  • 25. Security products identification There are several security products on the market. Here is a list of a few of those security products: Passport Laminates Passport laminates range from a clear film overlay to Covid holographic and Fasver printed security laminates, featuring overt, covert, and forensic security devices. All laminates are custom designed to suit the document and the application equipment.
  • 26. Security products identification (continued) ID Card Laminates Covid holographic and Fasver printed security laminates protect ID cards against forgery and counterfeit attempts. Most companies will work with each client to create custom originations that integrate with the background artwork and personalized data to deliver cohesive designs that are attractive, original, easy to authenticate, and highly secure.
  • 27. Security products identification (continued) Polycarbonate Solutions Polycarbonate solutions provide security both in and on identity documents and enable color personalization on ID cards. Fasver printed security layers can be embedded within polycarbonate cards and passport data pages to help authenticate genuine ID documents and prevent counterfeiting. Covid holographic patches add security to the cardโ€™s surface while protecting the Unichroma-enabled color personalized data.
  • 28. Security products identification (continued) Seals, Labels, and Hot Stamp Foils Our seals, labels, and hot stamp foils are used by governments worldwide to protect signatures on official documents, and to secure and authenticate document pouches and vehicle stickers. Card Personalization Imagedata D2T2 ribbons generate vibrant colors and high-definition print for photos, background imagery, text, and bar codes, making them ideal for the personalization of secure and non-secure ID cards.
  • 29. Cyber security surveys Forty-seven percent of surveyed organizations have suffered a cyber-attack in the past year โ€“ and a frightening 13 percent say they do not even know if they have been attacked. These are among the results of the 2013 Cyber Security Study conducted by Information Security Media Group and commissioned by Bit9.
  • 30. Data leak prevention solutions Data leak prevention solution is a system that is designed to detect potential data breach or data ex-filtration transmissions and prevent them. It does this by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized personnel either by malicious intent or by an inadvertent mistake. Such sensitive data can come in the form of private or company information, intellectual property (IP), financial or patient information, credit-card data, and other information depending on the business and the industry.
  • 31. Cyber hygiene Cyber hygiene refers to steps that computer users can take to improve their cybersecurity and better protect themselves online.
  • 32. Cyber hygiene (continued) The best practices are not new technologies, but fairly common sense ideas that need to become part of an enterprise culture. The common practices are listed below: โ€ข Eliminate unnecessary data and keep tabs on what is left; โ€ข Ensure essential controls are met and regularly audit to in order consistent implementation; โ€ข Change default credentials; โ€ข Avoid shared credentials; โ€ข Implement a firewall or access control list (ACL) on remote access/administration services; โ€ข Utilize IP blacklisting;
  • 33. Cyber hygiene (continued) The common practices are continued below: โ€ข Update anti-virus and other software consistently; โ€ข Audit user accounts; โ€ข Restrict and monitor privileged users; โ€ข Monitor and filter outbound network traffic; โ€ข Test applications and review codes; โ€ข Change the approach to event monitoring and log analysis; โ€ข Define โ€˜suspiciousโ€™ and โ€˜anomalousโ€™ (then look for whatever โ€˜itโ€™ is); โ€ข Increase awareness of social engineering; โ€ข Train employees and customers to look for signs tampering and fraud;
  • 34. Cyber investigation A cyber investigation investigates those offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS).
  • 35. Information security policy Information security policy is a set of policies issued by an organization to ensure that all information technology users within the domain of the organization or its networks comply with rules and guidelines related to the security of the information stored digitally at any point in the network or within the organization's boundaries of authority.
  • 36. Comprehensive cyber security solution Government agencies need to proactively protect their critical applications, data and processes from external and internal threats throughout their entire life cycle. By taking a comprehensive and integrated approach to application vulnerability management, agencies can measurably improve operational security, mitigate risks, and reduce costs.
  • 38. Cite list (continued) http://www.isaca.org/Journal/Past-Issues/2005/Volume-6/Pages/JOnline-Creating- and-Enforcing-an-Effective-Information-Security-Policy1.aspx http://www.itwsbi.com/Products/SecurityProducts.aspx https://www.bit9.com/resources/research-reports/2013-cyber-security-study/ http://vimeo.com/41847642 http://www.aig.com/Chartis/internet/US/en/CyberHygieneDocument_031214_tcm317 1-586930.pdf http://pursuitmag.com/cyber-crime-terms-and-definitions/ http://www.techopedia.com/definition/24838/information-security-policy http://www-304.ibm.com/industries/publicsector/us/en/contentemplate1/!!/xmlid=148819/
  • 39. Computing with the โ€œCloudโ€ Most people when they here the word โ€œcloudโ€ they think of the clouds in the sky, that would be only logical. But from a computing standpoint, the โ€œCloudโ€ is simply a technology that uses the Internet and remote servers to: ๏ƒ˜ Maintain data and applications ๏ƒ˜ Allows users to access applications without installation . ๏ƒ˜ Allows users access to their personal files from any computer that has access to the Internet. ๏ƒ˜ Centralizes storage, memory, processing, and bandwidth.In regards to your Yahoo email account, that software is managed by Yahoo. Your Gmail account software is managed by Google.
  • 40. HTTPS (HYPERTEXT TRANSFER PROTOCOL SECURE) โ€ข Install HTTPS Everywhere on your Web browser. โ€ข HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts any communication that you may have with major websites. โ€ข More specifically, this extension encrypts your Web browsing sessions, protecting you from hackers and spy agencies that scoop up unencrypted traffic across the Internet. http://www.youtube.com/watch?v=8nRlsaWfo30